Detection approach for covert channel based on concurrency conflict interval time

Jisuanji Yanjiu yu Fazhan/Computer Research and Development

Volumn 48, Issue 8, 2011, Pages 1542-1553

  Wang, Yongji ^a   Wu, Jingzheng ^a,b   Ding, Liping ^a   Zeng, Haitao ^c  

^a INSTITUTE OF SOFTWARE   (China)

^b UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

^c CHINA MOBILE RESEARCH INSTITUTE   (China)

Author keywords

Concurrency control; Covert channel; Covert channel detection; Covert timing channel; Multi level secure

Indexed keywords

CONCURRENCY CONFLICT; COVERT CHANNELS; COVERT TIMING CHANNELS; DATA CONFLICT COVERT CHANNEL; DETECTION APPROACH; DETECTION METHODS; FALSE NEGATIVES; FALSE POSITIVE; INTERVAL TIME; MULTI-LEVEL; ONLINE IMPLEMENTATION; SECURE SYSTEM; SINGLE POINT;

CONCURRENCY CONTROL;

EID: 80052665981     PISSN: 10001239     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (33)

1. Wang Yongji, Wu Jingzheng, Zeng Haitao, et al. Covert channel research[J]. Journal of Software, 2010, 21(9): 2262-2288 (in Chinese)
2. Qing Sihan, Shen Changxiang. Design of secure operating systems with high security levels[J]. Science in China: Series E Information Sciences, 2007, 37(2): 238-253 (in Chinese)
3. Qing Sihan. Covert channel analysis in secure operating systems with high security levels[J]. Journal of Software. 2004, 15(12): 1837-1849 (in Chinese)
4. Zander S, Armitage G, Branch P. A survey of covert channels and countermeasures in computer network protocols[J]. Communications Surveys & Tutorials, 2007, 9(3): 44-57
5. Ristenpart T, Tromer E, Shacham H, et al. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds[C] //Proc of CCS'09. New York: ACM, 2009: 199-212
6. Wu Jingzheng, Wang Wongji, Ding Liping, et al. Identification and evaluation of sharing memory covert timing channel in Xen virtual machines[C] //Proc of CLOUD 2011. Los Alamitos, CA: IEEE Computer Society, 2011: 283-291
7. Aviram A, Hu S, Ford B, et al. Determinating timing channels in compute clouds[C] //Proc of CCSW'10. New York: ACM, 2010: 103-108
8. NCSC. Trusted Computer System Evaluation Criteria[S]. Fort Meade: National Security Agency (NSA), 1985
9. ISO/IEC. Common Criteria for Information Technology Security Evaluation[S]. , 2005
10. Standardization Administration of the People's Republic of China. Information Security Technology-Security Techniques Requirement for Operating System[S]. Beijing: Standards Press of China, 2006 (in Chinese)
11. Wu J, Wang Y, Ding L, et al. Constructing scenario of event-flag covert channel in secure operating system[C] //ICIMT'10. Los Alamitos, CA: IEEE Computer Society, 2010: 371-375
12. Zeng Haitao, Wang Yongji, Ruan Li, et al. Covert channel mitigation method for secure real-time database using capacity metric[J]. Journal on Communications, 2008, 20(8): 46-56 (in Chinese)
13. Zeng Haitao, Wang Yongji, Zu Wei, et al. New definition of small message criterion and its application in transaction covert channel mitigating[J]. Journal of Software, 2009, 20(4): 985-996 (in Chinese)
14. Nagatou N, Watanabe T. Run-time detection of covert channels[C] //ARES'06. Los Alamitos, CA: IEEE Computer Society, 2006: 577-584
15. Wang Baohua, Li Danning, Li Dan, et al. Covert channel analysis in secure database systems with high security levels[J]. Journal of Computer Research and Development, 2006, 43(Suppl): 168-172 (in Chinese)
16. Bell D, Lapadula L. Secure Computer Systems: Mathematical Foundations, MITRE Report 2547[R]. Amsterdam: IOS Press, 1973
17. Si Tiange, Tan Zhiyong, Dai Yiqi. A security proof method for multilevel security models[J]. 2008, 45(10): 1711-1717 (in Chinese)
18. Son S, Mukkamala R, DAVID R. Integrating security and real-time requirements using covert channel capacity[J]. IEEE Trans on Knowledge and Data Engineering, 2000, 12(6): 865-879
19. Keefe T, Tsai W, Srivastava J. Database concurrency control in multilevel secure database management systems[J]. IEEE Trans on Knowledge and Data Engineering, 1993, 5(6): 1039-1055
20. Yao L, Zi X, Pan L, et al. A study of on/off timing channel based on packet delay distribution[J]. Computers & Security, 2009, 28(8): 785-794
21. Sellke S, Wang C, Bagchi S, et al. TCP/IP timing channels: Theory to implementation[C] //INFOCOM'09. New York: IEEE Communications Society, 2009: 2204-2212
22. Cabuk S, Brodley C, Shields C. IP covert timing channels: Design and detection[C] //Proc of CCS'04. New York: ACM, 2004: 178-187
23. Wu J, Wang Y, Ding L, et al. Improving performance of network covert timing channel through Huffman coding[C] //ACSA'10. Seoul, Korea: FTRA, 2010: 512-521
24. Gianvecchio S, Wang H. Detecting covert timing channels: An entropy-based approach[C] //Proc of CCS'07. New York: ACM, 2007: 307-316
25. Berk V, Giani A, Cybenko G, et al. Detection of covert channel encoding in network packet delays, TR2005536[R]. Hanover, NH: Department of Computer Science, Dartmouth College, 2005
26. Peng P, Ning P, Reeves D S. On the secrecy of timing-based active watermarking trace-back techniques[C] //Proc of SP'06. Washington, DC: IEEE Computer Society, 2006: 334-348
27. Zeng Haitao. Research on covert channel measurement and handling in secure real-time database[D]. Beijing: Graduate University of Chinese Academy of Sciences, 2008 (in Chinese)
28. Cabuk S, Brodley C E, Shields C. IP covert channel detection[J]. ACM Trans on Information and Systems Security, 2009, 12(4): 1-29
29. Porta A, Guzzetti S, Montano N, et al. Entropy, entropy rate, and pattern classification as tools to typify complexity in short heart period variability series[J]. IEEE Trans on Biomedical Engineering, 2001, 48(11): 1282-1291
30. Porta A, Baselli G, Liberati D, et al. Measuring regularity by means of a corrected conditional entropy in sympathetic outflow[J]. Biological Cybernetics, 1998, 78(1): 71-78
31. Kang K, Son S, Stankovic J. Managing deadline miss ratio and sensor data freshness in real-time databases[J]. IEEE Trans on Knowledge and Data Engineering, 2004, 16(10): 1200-1216
32. Kamra A, Terzi E, Bertino E. Detecting anomalous access patterns in relational databases[J]. The VLDB Journal, 2008, 17(5): 1063-1077
33. George B, Haritsa J. Secure concurrency control in firm real-time database systems[J]. Distributed and Parallel Databases, 2000, 8(1): 41-83